Main Vulnerability Database SB2021100504

SB2021100504 - Security restrictions bypass in OpenShift Container Platform 3.11

Published: October 5, 2021 Updated: January 19, 2022

Security Bulletin ID SB2021100504

CSH Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Security restrictions bypass (CVE-ID: CVE-2021-25741)

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to application does not properly impose security restrictions by allowing hostPath-like access without use of the hostPath feature. A remote user can create a container with subpath volume mounts to access files and directories outside of the volume, including on the host filesystem.

Remediation

Install update from vendor's website.

References

https://access.redhat.com/errata/RHSA-2021:3646

Vulnerable Software

Red Hat OpenShift Container Platform: 3.11.0 - 3.11.523
atomic-openshift (Red Hat package): 3.11.16-1.git.0.b48b8f8.el7 - 3.11.501-1.git.0.f8c4746.el7
openshift-ansible (Red Hat package): 3.11.16-1.git.0.4ac6f81.el7 - 3.11.501-1.git.0.5ea39b1.el7
atomic-openshift-cluster-autoscaler (Red Hat package): 3.11.16-1.git.0.8c8305e.el7 - 3.11.501-1.git.99b2acf.el7
golang-github-prometheus-alertmanager (Red Hat package): 3.11.16-1.git.0.be735ec.el7 - 3.11.501-1.git.13de638.el7
atomic-openshift-service-idler (Red Hat package): 3.11.16-1.git.14.a65cbf0.el7 - 3.11.501-1.git.39cfc66.el7
atomic-openshift-metrics-server (Red Hat package): 3.11.16-1.git.52.9fd74a8.el7 - 3.11.501-1.git.f8bf728.el7
atomic-openshift-node-problem-detector (Red Hat package): 3.11.16-1.git.198.95f4dfa.el7 - 3.11.501-1.git.c8f26da.el7
openshift-enterprise-autoheal (Red Hat package): 3.11.16-1.git.219.5443970.el7 - 3.11.501-1.git.f2f435d.el7
atomic-openshift-web-console (Red Hat package): 3.11.16-1.git.289.ecf7441.el7 - 3.11.501-1.git.fc3b323.el7
atomic-openshift-descheduler (Red Hat package): 3.11.16-1.git.300.abfab3c.el7 - 3.11.501-1.git.d435537.el7
openshift-enterprise-cluster-capacity (Red Hat package): 3.11.16-1.git.380.1406f2f.el7 - 3.11.501-1.git.22be164.el7
golang-github-openshift-oauth-proxy (Red Hat package): 3.11.16-1.git.409.922769e.el7 - 3.11.501-1.git.edebe84.el7
golang-github-prometheus-node_exporter (Red Hat package): 3.11.16-1.git.1056.1583d2a.el7 - 3.11.501-1.git.609cd20.el7
atomic-enterprise-service-catalog (Red Hat package): 3.11.16-1.git.1633.05087cb.el7 - 3.11.501-1.git.2e6be86.el7
golang-github-prometheus-prometheus (Red Hat package): 3.11.16-1.git.5020.5e81ed1.el7 - 3.11.501-1.git.99aae51.el7
atomic-openshift-dockerregistry (Red Hat package): 3.11.51-1.git.446.d29ce0e.el7 - 3.11.501-1.git.3571208.el7
openshift-kuryr (Red Hat package): 3.11.153-1.git.1.073ef06.el7 - 3.11.501-1.git.c33a657.el7

SB2021100504 - Security restrictions bypass in OpenShift Container Platform 3.11

Breakdown by Severity

Description

Remediation

References

Please verify you're human